InfoSec News 20250130

  • Published: Thu, 30/01/2025 - 14:40

Top News


  • Tax Season Cybersecurity Alert: Report Reveals Surge in Tax-Related Cyberattacks

"Cybercriminals are capitalizing on the 2025 tax season with a wave of sophisticated phishing and malware campaigns, according to a new report from Proofpoint."

Link

TLP1 : Green

  • Aquabot variant v3 targets Mitel SIP phones

"A new variant of the Mirai-based botnet Aquabot targets vulnerable Mitel SIP phones to recruit them into a DDoS botnet."

Link

TLP1 : Green

  • PHP package Voyager flaws expose to one-click RCE exploits

"The open-source PHP package Voyager is affected by three vulnerabilities that could be exploited to achieve one-click remote code execution on affected instances."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Authorities Seize Domains of Popular Hacking Forums in Major Cybercrime Crackdown

"An international law enforcement operation has dismantled the domains associated with various online platforms linked to cybercrime such as Cracked, Nulled, Sellix, and StarkRDP."

Link

TLP1 : Green

  • Silent Lynx APT Group: A New Espionage Threat Targeting Central Asia

"Seqrite Labs APT-Team has uncovered two sophisticated campaigns orchestrated by a newly identified threat group, Silent Lynx."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • DeepSeek AI Database Exposed: Over 1 Million Log Lines, Secret Keys Leaked

"Buzzy Chinese artificial intelligence (AI) startup DeepSeek, which has had a meteoric rise in popularity in recent days, left one of its databases exposed on the internet, which could have allowed malicious actors to gain access to sensitive data."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Active Exploitation of Zero-day Zyxel CPE Vulnerability (CVE-2024-40891)

"After identifying a significant overlap between IPs exploiting CVE-2024-40891 and those classified as Mirai, the team investigated a recent variant of Mirai and confirmed that the ability to exploit CVE-2024-40891 has been incorporated into some Mirai strains."

Link

TLP1 : Green

  • CVSS 10 Alert: Coolify Hit by Three Critical Security Flaws – CVE-2025-22612, CVE-2025-22611, and CVE-2025-22609

"A trio of critical security vulnerabilities has been discovered in Coolify, an open-source platform for managing servers, applications, and databases."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • This course bundle deal is the affordable way to train for CompTIA exams

"CompTIA is a well-known and respected organization, but the tests are difficult, and the prep materials are expensive."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia

"We identified a cluster of activity that we track as CL-STA-0048. This cluster targeted high-value targets in South Asia, including a telecommunications organization."

Link

TLP1 : Green

 

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

[1] https://www.first.org/tlp